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UNITED STATES PATENT AND TRADEMARK OFFICE 



APPLICANT: Lynn D. Spraggs 

SERIAL NO.: Unknown 

FILING DATE: Unknown 

INTL. APP. NO.: PCT/US99/24191 

INTL. FILING DATE: October 14, 1999 

TITLE: System and Method of Sending and Receiving Secure 
Data Using Anonymous Keys 



ATTY.DKT.NO.: 
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THE ASSISTANT COMMISSIONER FOR PATENTS 
WASHINGTON, D.C. 20231 

PRELIMINARY AMENDMENT 

Sir: 



Prior to examination, please amend the application as follows: 



In the Specifications 

On page 3, line 14, delete "not" and substitute — now 



REMARKS 

By this Amendment, Applicant has provided a minor change to the 
specification. No new matter is being added. In the event that the Examiner has 
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any questions, he or she is respectfully invited to contact the undersigned at the 
number set out below. 



Respectfully submitted, 
Lynn Spraggs 



Date: 




Aaron Wininger, Reg. No. 45,229 

Carr & Ferrell LLP 

2225 East Bayshore Road, Suite 200 

Palo Alto, CA 94303 

(650) 812-3465 
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[ ] the owner of the small business concern identified below: 
[X] an official of the small business concern empowered to 
act on behalf of the concern identified below: 

NAME OF CONCERN Aegis Systems Inc. 

ADDRESS OF CONCERN 1101 San Antonio Road, Suite 409 

Mountain View, CA 94043 



I hereby declare that the above identified small business concern qualifies as a small 
business concern as defined in 13 CFR 121.2, and reproduced in 37 CFR 1.9 (d), for 
purposes of paying reduced fees to the United States Patent and Trademark Office, in 
that the number of employees of the concern, including those of its affiliates, does not 
exceed 500 persons. For purposes of this statement, (1) the number of employees of 
the business concern is the average over the previous fiscal year of the concern of the 
persons employed on a full-time part-time or temporary basis during each of the pay 
periods of the fiscal year, and (2) concerns are affiliates of each other when either, 
directly or indirectly, one concern controls or has the power to control the other, or a 
third party or parties controls or has the power to control both. 

I hereby declare that rights under contract or law have been conveyed to and remain 
with the small business concern identified above with regard to the invention, 
entitled "System and Method of Sending and Receiving Secure Data Using 
Anonymous Keys", by inventor Lynn Spraggs, as described in 

[ 1 the specification filed herewith. 

[X] PCT application serial no. PCT/US99/24191, filed October 14, 1999. 
[ ] patent no. , issued . 



If the rights held by the above identified small business concern are not exclusive, 
each individual, concern or organization having rights in the invention is listed 
below* and no rights to the invention are held by any person, other than the 
inventor, who would not qualify as an independent inventor under 37 CFR 1.9(c) if 
that person made the invention, or by any concern which would not qualify as a 
small business concern under 37 CFR 1.9(d), or a nonprofit organization under 37 
CFR 1.9(e). *NOTE: Separate verified statements are required from each named 
person, concern or organization having rights to the invention averring to their 
status as small entities. (37 CFR 1.27) 

NAME 

ADDRESS 

[ ] INDIVIDUAL [ ] SMALL BUSINESS CONCERN [ ] NONPROFIT ORGANIZATION 

I acknowledge the duty to file, in this application or patent, notification of any 
change in status resulting in loss of entitlement to small entity status prior to paying, 
or at the time of paying, the earliest of the issue fee or any maintenance fee due after 
the date on which status as a small entity is no longer appropriate. (37 CFR 1.28 (b)) 

I hereby declare that all statements made herein of my own knowledge are true and 
that all statements made on information and belief are believed to be true; and 
further that these statements were made with the knowledge that willful false 
statements and the like so made are punishable by fine or imprisonment, or both, 
under section 1001 of the Title 18 of the United States Code, and that such willful 
false statements may jeopardize the validity of the application, any patent issuing 
thereon, or any patent to which this verified statement is directed. 

NAME OF PERSON SIGNING A g> PK> V< MATH^ 

TITLE OF PERSON IF OTHER THAN OWNER f A £s |Q7 
ADDRESS OF PERSON SIGNING 1101 San Antonio Road. Suite 409 
Mountain View. CA 94043 
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SYSTEM^JmMEXH QD OF SENDING AND RECEIVING SECURE DATA 
USING ANONYMOUS KEYS 



BACKGROUND OF THE INVENTION 



1. Field of the invention 

The present invention relates generally to computer security and 
more specifically to allow the secure transfer and receipt of data between 
computers using anonymous keys. 



2. Description of the Prior Art 

In order to securely transfer data between computers on the 
Internet, various different types of encryption/ decryption methods are 
used. One way of securely transferring data over the Internet includes 
the use of a public key /private key system. 

A public key is provided by some designated authority as a key 
that, combined with a private key derived from the public key, can be 
used to effectively encrypt and decrypt messages and digital signatures. 

In public key cryptography, a public and private key are created 
simultaneously using the same algorithm (a popular one is known as 
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RSA) by a certificate authority. The private key is given only to the 

a- 

requesting party and the public key is made publicly available (as part of 
a digital certificate) in a directory that all parties can access. The private 
key is never shared with anyone or sent across the Internet. The private 
key is used to decrypt text that has been encrypted with the public key 
counterpart by someone else who has the public key. 

Public key cryptography generally requires a large mathematical 
decomposition in order to work effectively. Generally, the length of a 
private key is in the order of 64 bytes. Decomposing these relatively 
small private keys requires considerable computational power. Public 
key cryptography is typically used as a one-way encryption and if a 
private key is changed, then everyone else that has the public key 
counterpart must receive a new public key. 

Thus, it would be desirable to provide a system and method of 
securing data that is easy to use, allows a user to have only a private key 
unknown to anyone else, does not require a public key, allows for a 
larger size private key for high security, uses less computation power 
than public key cryptography, and can be used in two directions. 
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SUMMARY OF THE INVENTION 

A system and method is provided of securely transmitting data 
between two computers over a network, such as the Internet, using 
5 anonymous keys that are private only to each user and are not shared 
with anyone else. The data is first encrypted at a first computer with a 
first private key into a first encrypted data file. The first encrypted data 
file is then transmitted to a second computer, wherein the first encrypted 
data file is encrypted with a second private key into a second encrypted 

10 data file. The second encrypted data file is then sent to the first 

computer, wherein the second encrypted data file is now decrypted with 
the first private key, known to the user at the first computer, into a third 
encrypted data file. The third encrypted data file is then sent to the 
second computer, wherein the third encrypted data file can not be fully 

15 decrypted into the original data file using the second private key. 

Associative properties of encryption and decryption are used and 
allow for the use of large private keys in order to obtain a high-level of 
security. Additionally, the computational power to encrypt and decrypt 
data is significantly lower than the public key system since the 

20 encryption method is based on one private key and not on a public key 
and private key. 
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BRIEF DESCRIPTION OF THE DRAWINGS 

The present invention may be better understood, and its numerous 
objects, features, and advantages made apparent to those skilled in the 
art by referencing the accompanying illustrations. For simplicity and 
ease of understanding, common numbering of elements is employed 
where an element is the same in different illustrations. 

FIG. 1 is a schematic diagram illustrating a client transmitting 
secure data to a server over the Internet, in accordance with the present 
invention; 

FIG. 2 is a block diagram of the server computer shown in FIG. 1, 
in accordance with the present invention; 

FIG. 3 is a block diagram of one embodiment of the non-volatile 
memory module located within the server computer of FIG. 2; and 

FIG. 4 is a block diagram of the client computers shown in FIG. 1, 
in accordance with the present invention; 
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FIG. 5 is a block diagram of one embodiment of the non-volatile 
memory module located within the client computers of FIG. 4; and 

FIG. 6 is a flowchart of a method illustrating how a client, having a 
private key, passes encrypted data to a server computer, according to the 
invention. 
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DETAILED DESCRIPTION OF THE INVENTION 

The following is a detailed description of illustrative embodiments 
of the present invention. As these embodiments of the present invention 
5 are described with reference to the aforementioned illustrations, various 
modifications or adaptations of the methods and or specific structures 
described may become apparent to those skilled in the art. All such 
modifications, adaptations, or variations that rely upon the teachings of 
the present invention, and through which these teachings have advanced 

10 the art, are considered to be within the spirit and scope of the present 
invention. Hence, these descriptions and drawings should not be 
considered in a limiting sense, as it is understood that the present 
invention is in no way limited to only the embodiments illustrated. 

Referring now to FIG. 1, a schematic diagram illustrates a server 

15 100 used to receive encrypted data from a client computer 102 through 
the Internet 106 using anonymous keys that are private and unknown to 
others. 

FIG. 2 is a block diagram of the server computer 100 shown in 
FIG. 1. Server 100 includes a CPU 202, a RAM 204, a non-volatile 
20 memory 206, an input device 208, a display 210, and an Internet 
interface 212 for providing access to the Internet. 
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FIG. 3 is a block diagram of one embodiment of the non-volatile 
memory module 206 located within the server computer 100 of FIG. 2. 
The non-volatile memory 206 includes an encrypt/ decrypt engine 302, 
and a secure data database 304 for storing secured data. 
5 The encrypt/decrypt engine 302 is programmed to encrypt and 

decrypt data using a password or a key provided by the user. The 
encryption/decryption engine is programmed to use associative 
properties that would provide an associative-type of algorithm for the 
encryption and decryption of data. For example, if the data is encrypted 

10 by 'X' then that would result in encrypted data(X). If encrypted data(X) is 
then encrypted by Y' then that would result in encrypted data(X*Y). If 
encrypted data(X*Y) is decrypted by 'X' then that would result in 
encrypted datafY). If encrypted datafY) is decrypted by 'Y* then that 
would result in obtaining the original un-encrypted data. The 

15 computation power required to encrypt and decrypt data using this 

system and method is much less than the computational power required 
in a public /private key system, therefore longer keys can be used to 
provide an extremely high-level of security. 

FIG. 4 is a block diagram of a client computer 102 shown in FIG. 

20 1. Client 102 includes a CPU 402, a RAM 404, a non-volatile memory 
406, an input device 408, a display 410, and an Internet interface 412 
for providing access to the Internet. 
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FIG. 5 is a block diagram of one embodiment of the non-volatile 

-5- 

memory module 404 located within the client 102 of FIG. 4. The non- 
volatile memory 406 includes an encrypt /decrypt engine 502 for 
encrypting and decrypting data. The encrypt/ decrypt engine 502 can 
5 also be stored in RAM 404, and excellent results can be obtained when 
the encrypt/decrypt engine is served up as a Java™ applet to the client 
102, thereby eliminating the need for the client to install his own 
encrypt/ decrypt engine on his hard drive. 

FIG. 6 is a flowchart of a method illustrating how a client, with a 

10 private key, passes data securely encrypted to a server computer through 
the Internet in accordance with the invention. It is not necessary for the 
data to pass to a server computer, it can equally work between two client 
computers. The process begins at step 600. A user enters data on the 
client computer at step 602. At step 604 the data is encrypted with the 

15 encrypt/ decrypt engine using the user's private key (El) and the once- 
encrypted data (Dl) is sent over the Internet to the server. 

At step 606 the server encrypts the once- encrypted data with the 
server private key (E2) and the twice-encrypted data [(D1)*(D2)] is sent 
back to the client over the Internet. At step 608 the client re-enters his 

20 private key and decrypts the twice- encrypted data with his private key 
resulting in once-encrypted data (D2) that is encrypted with the server 
private key. The once -encrypted data (D2) is sent over the Internet back 
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to the server. At step 610 the server can decrypt the once-encrypted 
data with the server private key (E2) to obtain full access to the original 
data fully decrypted. The server can then store the data in a secure data 
database 304 or process the data accordingly. The process then ends at 
5 step 612. 

Various different modifications can be made to this invention, 
however, it is essential that the original data is encrypted at least twice, 
preferably with different private keys, prior to decrypting the data. 
Furthermore, the data must be sent back-and-forth between the client 

10 and server at least three times. This invention is ideal for transmitting 
small amounts of data, such as a personal identification number, 
however, the applications of this invention increase as the speed of 
transmission between computers increases. 

The private key of both the client and server is not known by 

15 anybody else, therefore, the private key can be different every time a user 
utilizes this system and method of transmitting data. The private keys 
can also be very long (i.e. 1000 bytes) and could include biometric data, 
such as a digitized fingerprint of the user. Since this secure system and 
method of transmitting encrypted data utilizes a totally private key 

20 unknown to others, the various different applications of this invention 
are virtually limitless. Furthermore, the encrypted data would be 
virtually impossible to decrypt by a hacker since private keys can be 
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much longer than a typical private key (64 bytes) used in a 
private/public key system. 
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I Claim: 

1 1 . A system of encrypting and decrypting data using private keys for 

2 secure transmission, comprising: 

3 an encrypt and decrypt engine for encrypting and decrypting data 

4 with a private key using associative properties of encrypting and 

5 decrypting, wherein said encrypt and decrypt engine can encrypt an 

6 unsecured data file with a first private key into a first encrypted file, 

7 encrypt the first encrypted data file with a second private key into a 

8 second encrypted file, decrypt the second encrypted file with the first 

9 private key into a third encrypted file, and decrypt the third encrypted 
10 file with the second private key into the unsecured data file. 

1 2. The system of claim 1, wherein the private keys contain biometric 

2 data identifying its user. 
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1 3. A method of encrypting, decrypting and transmitting data using 

2 private keys for secure transmission from a first computer to a second 

3 computer, comprising the steps of: 

4 providing unsecured data for transmission at the first computer; 

5 encrypting the unsecured data using a first private key into a first 

6 encrypted data file; 

7 transmitting the first encrypted data file to the second computer; 

8 encrypting the first encrypted data file using a second private key 

9 into a second encrypted data file; 

10 transmitting the second encrypted data file to the first computer; 

1 1 decrypting the second encrypted data file using the first private key 

12 into a third encrypted data file; 

13 transmitting the third encrypted data file to the second computer; 

14 and 

1 5 decrypting the third encrypted data file using the second private 

16 key into the unsecured data. 

1 4. The method of claim 3, further including the step of storing the 

2 unsecured data on the second computer. 
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1 5. The method of claim 3, further including the step of verifying the 

2 validity of the unsecured data after decrypting the third encrypted data 

3 file at the second computer. 

1 6. The method of claim 3, wherein the encrypting and decrypting is 

2 performed using associative properties of encryption and decryption. 

1 7. The method of claim 3, wherein the private keys can include 

2 digitized biometric data identifying its user. 

1 8. The method of claim 3, further including the step of processing the 

2 unsecured data after decrypting the third encrypted data file at the 

3 second computer. 
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5. 

19. A method of encrypting and decrypting data using private keys for 

2 secure transmission from a first computer to a second computer, 

3 comprising the steps of: 

4 encrypting unsecured data using a first private key into a first 

5 encrypted data file at the first computer; 

6 encrypting the first encrypted data file using a second private key 

7 into a second encrypted data file at the second computer; 

8 decrypting the second encrypted data file using the first private key 

9 into a third encrypted data file at the first computer; and 

10 decrypting the third encrypted data file using the second private 

1 1 key into the unsecured data at the second computer. 

1 10. The method of claim 9, further including the step of storing the 

2 unsecured data on the second computer. 

1 11. The method of claim 9, further including the step of verifying the 

2 validity of the unsecured data after decrypting the third encrypted data 

3 file at the second computer. 

1 12. The method of claim 9, wherein the encrypting and decrypting is 

2 performed using associative properties of encryption and decryption. 
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1 13. The method of claim 9, wherein the private keys can include 

2 digitized biometric data identifying its user. 

1 14. The method of claim 9, further including the step of processing the 

2 unsecured data after decrypting the third encrypted data file at the 

3 second computer. 

1 15. A computer-readable medium comprising program instructions for 

2 encrypting and decrypting data using private keys for secure 

3 transmission from a first computer to a second computer, comprising the 

4 steps of: 

5 encrypting unsecured data using a first private key into a first 

6 encrypted data file at the first computer; 

7 encrypting the first encrypted data file using a second private key 

8 into a second encrypted data file at the second computer; 

9 decrypting the second encrypted data file using the first private key 

10 into a third encrypted data file at the first computer; and 

1 1 decrypting the third encrypted data file using the second private 

12 key into the unsecured data at the second computer. 
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1 16. The method of claim 15, wherein the encrypting and decrypting is 

2 performed using associative properties of encryption and decryption. 
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ATTORNEY'S DOCKET NO.: PA1066US 
DECLARATION AND POWER OF ATTORNEY FOR PATENT APPLICATION 



As a below named inventor, I hereby declare that: 

My residence, post office address and citizenship are as stated below next to my name. 

I believe I am the original, first and sole inventor of the subject matter which is claimed and for 
which a patent is sought on the invention entitled "System and Method of Sending and 
Receiving Secure Data Using Anonymous Keys," the specification of which (check one): 

| | is attached hereto. 

jX J was filed on October 14. 1999 

as U.S. Application No. 

or PCT International Application No. PCT/US99/24191 

and was amended on (if applicable). 

I hereby state that I have reviewed and understand the contents of the above-identified 
specification, including the claims, as amended by any amendment specifically referred to 
above. 

I acknowledge the duty to disclose information which is material to patentability as defined in 
Title 37, Code of Federal Regulations, §1.56. 

I hereby claim foreign priority benefits under Title 35, United States Code §1 19(a)-(d) or 
§365(b) of any foreign applications) for patent or inventor's certificate, or §365(a) of any PCT 
International application which designated at least one country other than the United States, 
listed below and have also identified below any foreign application for patent or inventor's 
certificate, or PCT International application, having a filing date before that of the application on 
which priority is claimed. 

Prior Foreign Applicationf s) Priority Claimed 



(Number) (Country) (Day/Month/Year filed) Yes No 



(Number) (Country) (Day/Montb/Year filed) Yes No 



I hereby claim the benefit under Title 35, United States Code §1 19(e) of any United States 
provisional application(s) listed below. 



(Application Number) (Filing Date) 



(Application Number) (Filing Date) 

I hereby claim the benefit under Title 35, United States Code §120 of any United States 
applications), or §365(c) of any PCT International application designating the United States, 
listed below and, insofar as the subject matter of each of the claims of this application is not 
disclosed in the prior United States or PCT International application in the manner provided by 
the first paragraph of Title 35, United States Code §1 12, 1 acknowledge the duty to disclose 
information which is material to patentability as defined in Title 37, Code of Federal 
Regulations, §1.56 which became available between the filing date of the prior application and 
the national or PCT International filing date of this application. 

PCT/US99/24191 October 14. 1999 Pending 

(Application Number) (Filing Date) (Status - patented, pending, abandoned) 



(Application Number) (Filing Date) (Status -- patented, pending, abandoned) 



POWER OF ATTORNEY: I hereby appoint the following attorney(s) and/or agent(s) to 
prosecute this application and to transact all business in the Patent and Trademark Office 
connected therewith: 

John S. Ferrell, Reg. N o. 34,593^ ,. Eppa Hite, Reg. No.3 0,266; 
Gregory J. Koerner, Reg. No. 38,519; Charles B. Katz, Reg. No. 36,564;__--— 
John D. Henkhaus, Reg. N5~ ^656; "Susan Yee, Reg. NoAl£M^Z~~ )< 
Robert Toczycki, Reg. No. 38,341 and Aaron Wininger, Reg. No. 45,229. U 



SEND ALL CORRESPONDENCE TO: 

Aaron Wim nggx., _,. 
CARR &JMS£LLLLE- 

2 225 East Bavshore Road. Suite 200 

Palo Alto. CA 94 303- 

TEL: (650) 812-3400 
FAX: (650)812-3444 



I hereby declare that all statements made herein of my own knowledge are true and that all 
statements made on information and belief are believed to be true; and further that these 
statements were made with the knowledge that willful false statements and the like so made are 
punishable by fine or imprisonment, or both, under Section 1001 of Title 18 of the United States 
Code and that such willful false statements may jeopardize the validity of the application or any 
patent issued thereon. 

Full name of sole inventor: Lynn Spraggs 



Inventor's signature Dated: ^/if/z*^ 



Residence 



Post Office Address Ccz^ Citizenship Cfy* c^r <? ^ 



